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DETAILED ACTION 

1 . In view of Appeal Brief filed on 1 0/1 1/06 the prosecution is reopen. 



Response to Arguments 

2. Applicant's arguments with respect to claims 1-5, 7-12, 14-15, 17-18 and 20 have 
been considered but are moot in view of the new ground(s) of rejection. 



3. Claims 1- 5, 7-11 and 14-15, 17-18 and 20 have been examined. 



Claim Objections 

4. Claims 1-5, 7-12, 14-15, 17-18 and 20 are objected to because of the following 
informalities: applicant is not consistent in using articles. For example claim 1 
recites "the security module" while claim 7 recites "said security module". Applicant 
should ensure the consistency through the claim language. 

Appropriate correction is required. 



Claim Rejections - 35 USC §103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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5. Claims 1-5, 7-12, 14-15, 17-18 and 20are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Pichlmaier (U.S. Patent No. 5317637) in view of Windows NT as 
illustrated by Ozzie (U.S. Patent No. 5664099) and Hadfield et al. (Lee Had field, 
Dave Hater, Dave Bixler, "Windows NT Server 4 Security Handbook", 1997, ISBN: 
078971213). 

As per claims 1 and 1 1 , Windows NT discloses authentication password entry 
screen, receiving a command to execute a password-protected secure function 
(Hadfield, "The Log-On process", pg. 80-81) that temporarily halts execution of 
programs not needed by a security module while the data entry screen is displayed 
and restarts halted programs after the password entry screen is removed from the 
display prompting a user to enter a password (Ozzie, col. 1 lines 51- col. 2 line 1). 
An ordinary artisan would appreciate that devices utilizing Windows NT systems 
comprise memory and processors. 

6. Windows NT does not teach storing authentication indicia for authenticating 
password entry screens to a user in a memory of the computing device. 
Pichlmaier discloses a device comprising a secure processor and memory storing 
authentication indicia (data word, Pichlmaier, col. 2 lines 17-32). 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to implement the indicia for authentication password entry screen to a user 
in a memory of the computing device. One of ordinary skill in the art would have 
been motivated to perform such a modification in order to verify the authenticity of 
the device system (Pichlmaier, col. 1 lines 38-46). 



Application/Control Number: 09/727,062 Page 4 

Art Unit: 2134 

* 

Similarly, it would have been obvious to one of ordinary skill in the art at the time of 
applicant's invention to implement Windows NT teaching into the device disclosed 
by Pichlmaier given the benefit of establishing a protected channel between a user 
and legitimate programs and terminate any hostile programs (e.g. Trojan horses, 
eavesdropping programs etc., Ozzie, col. 1 lines 46-67). 

7. As per claims 2 and 4, the indicia stored in the device module is obtained from a 
user (col. 2 lines 29-31) and as per claims 12 and 20, Pichlmaier discloses a 
removable smart card (Pichlmaier, Fig. 1). 

8. As per claim 3, it is clear the indicia taught by Pichlmaier reads on confidential data 
As a result, it would have been obvious to one of ordinary skill in the art at the time 
of applicant's invention to display the indicial for a limited time in order to prevent 
unnecessary exposure and as a result minimize threats of attacks. 

9. As per claims 5, 7-8 and 14-15, as discussed above, Windows NT discloses halting 
any application programs which are in operation during the password entry 
sequence and after the information has been entered correctly the operating system 
returns control to the application. This reads on halting executing of programs 
running on the computing device not necessary for inputting the password while the 
password entry screen is displayed, inhibiting an operating system in the computing 
device from responding to interrupts not associated with the security module and 
inhibiting context-switching by an operating system in the computing device to 
programs not needed by the security module. 
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10. As per claims 9-10 and 17-18, Windows NT does not explicitly teach a status table in 
RAM that is used by an operating system in the computing device, wherein each 
entry in the tables relate to a currently executing program and containing a status 
indication associated with the currently executing program, saving current setting of 
the status table and changing the current setting so as to inhibit execution by the 
operating system of the programs not needed by the security module. 
However, utilizing tables to store and retrieve related information are well-known in 
the art of computing (see previously provided to applicant Carter's reference: Fig. 
21-9 pg. 795). Utilized data structure to store data such as program status 
information would have been obvious to one of ordinary skill in the art at the time of 
applicant's invention given the benefit of table structure commercial success. 
The name of a table (e.g. a status table, an alternate status table) would not affect 
functionality of the invention especially since the claim language does not preclude a 
status table to be different from an alternate status table. 
Furthermore, grouping information by common characteristics in different tables 
would have been an obvious variation. It would have been obvious to one of 
ordinary skill in the art at the time of applicant's invention to group similar information 
in the same table (e.g. information relating to a currently executing program in a 
status table, information relating to programs needed by security module in another 
table). One of ordinary skill in the art would have been motivated to perform such a 
modification in order to a quick access to related information. 
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11. Claims 1, 3, 5, 7-11 and 14-15 and 17-18 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Ozzie (U.S. Patent No. 5664099). 
As per claims 1,11 Ozzie discloses authentication indicia known to a user for 
authenticating password entry screens to the user (Fig. 2A-C, col. 3 lines 49-67 and 
col. 8 lines 65-67). Ozzie explicitly discloses that the apparatus implementing the 
indicia is a computer with memory (col. 3 lines 8-15) and computers inherently store 
data such as display data in memory. 

Furthermore, Ozzie discloses Windows NT, wherein Ozzie discloses receiving a 
command to execute a password-protected secure function (Control-Alt-Delete) that 
temporarily halts execution of programs not needed by a security module while the 
data entry screen is displayed and restarts halted programs after the password entry 
screen is removed from the display prompting a user to enter a password (Ozzie, 
col. 1 lines 51- col. 2 line 1). 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to incorporate Windows NT halting and restarting execution of programs 
not needed by a security module as disclosed by Windows NT given the benefit of 
establishing a protected channel between a user and legitimate programs and 
terminate any hostile programs (e.g. Trojan horses, eavesdropping programs etc., 
Ozzie, col. 1 lines 46-67). 

The examiner reminds applicant that in Windows NT, "the particular key sequence 
during information (password) entry" discussed by Ozzie is an authentication 
function executing the password-protected secure function based on the validity of 
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the password entered by the user (for additional information see Hadfield reference 
for example: "The Log-On Process", pg. 80-81). 

Furthermore, it would have been obvious to one of ordinary skill in the art at the time 
of applicant's invention to remove data entry screens after successful authentication 
process in order to enable the authenticated users to access their desktop. Note 
that such a mechanism is frequently implemented in the prior art, e.g. Microsoft 
products such as Windows NT. 

12. As per claim 3, Ozzie clearly discloses removing the entry screen (Fig. 2A-C) would 
remove the indicia. Furthermore, it is clear from Ozzie's disclosure that indicia is 
confidential data displayed during the authentication process to authenticate the 
screen. Thus, it would have been obvious to one of ordinary skill in the art at the 
time of applicant's invention to display the indicial for a limited time to prevent any 
security attacks. 

13. As per claims 5, 7-8 and 14-15, as discussed above, Ozzie discloses halting any 
application programs which are in operation during the password entry sequence 
and after the information has been entered correctly the operating system returns 
control to the application. This reads on halting executing of programs running on 
the computing device not necessary for inputting the password while the password 
entry screen is displayed, inhibiting an operating system in the computing device 
from responding to interrupts not associated with the security module and inhibiting 
context-switching by an operating system in the computing device to programs not 
needed by the security module. 
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14. As per claims 9-10 and 17-18 Ozzie does not explicitly teach a status table in RAM 
that is used by an operating system in the computing device, wherein each entry in 
the tables relate to a currently executing program and containing a status indication 
associated with the currently executing program, saving current setting of the status 
table and changing the current setting so as to inhibit execution by the operating 
system of the programs not needed by the security module. 
However, utilizing tables to store and retrieve related information are well-known in 
the art of computing (see previously submitted to applicant Carter's reference: Fig. 
21-9 pg. 795). Utilized data structure to store data such as program status 
information would have been obvious to one of ordinary skill in the art at the time of 
applicant's invention given the benefit of table structure commercial success. 
The name of a table (e.g. a status table, an alternate status table) would not affect 
functionality of the invention especially since the claim language does not preclude a 
status table to be different from an alternate status table. 

* 

Furthermore, grouping information by common characteristics in different tables 
would have been an obvious variation. It would have been obvious to one of 
ordinary skill in the art at the time of applicant's invention to group similar information 
in the same table (e.g. information relating to a currently executing program in a 
status table, information relating to programs needed by security module in another 
table). One of ordinary skill in the art would have been motivated to perform such a 
modification in order to a quick access to related information. 
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15. Claim 4 is rejected under 35 U.S.C. 103(a) as being unpatentable over Ozzie (U.S. 
Patent No. 5664099) in view of Cottroll (U.S. Patent No. 5465084). 

Ozzie discloses authentication credential: indicia, as discussed above. 

16. Ozzie does not teach that obtaining the credential from users. 

Cottrell discloses obtaining the authentication credential from users (Cottrell, col. 4 
lines 16-20). 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to obtain the authentication credential from users as disclosed by Cottrell. 
One of ordinary skill in the art would have been motivated to perform such a 
modification in order to use authentication credential easily remembered by the 
users. 

17. Claim 2 is rejected under 35 U.S.C. 103(a) as being unpatentable over Ozzie 
(5664099) in view of Bertina (U.S. Patent No. 6091817). 

Ozzie discloses a device for executing a password-protected secure function 
comprising a secure processor and memory as discussed above. 

18. As per claim 2, Ozzie does not explicitly disclose storing the indicia in a security 
module. 

Bertina discloses storing data in a security module (Bertina, col. 2 lines 7-12). 
It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to data such as indicia in a security module as disclosed by Bertina. One of 
ordinary skill in the art would have been motivated to perform such a modification in 
order to restrict access to the data. 
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19. Claim 1 1 and 20 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Ozzie (5664099) in view of Challener (U.S. Patent No. 6598032). 

Ozzie discloses a device for executing a password-protected secure function 
comprising the processor and the memory as discussed above. 

20. Ozzie do not disclose the device comprising a smart card containing the processor 
and the memory. 

Challener discloses a removable smart card containing a processor and memory 
(Challener, col. 2 lines 6-15). 

It would have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to implement the processor and the memory disclosed by Ozzie into a 
removable smart card as disclosed by Challener. One of ordinary skill in the art 
would have been motivated to perform such a modification in order to extend 
security into the Challener's card. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 

examiner should be directed to Peter Poltorak whose telephone number is (571 ) 
272-3840. The examiner can normally be reached Monday through Thursday from 
9:00 a.m. to 4:00 p.m. and alternate Fridays from 9:00 a.m. to 3:30 p.m. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on (571) 272-3799. The fax phone 
number for the organization where this application or proceeding is assigned is 
(571)273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). < >Cc^S 



A Supervisory Patent Examiner (SPE) has approved of reopening prosecution by 
signing below: 
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